Writing Secure Code

The best way to find its not really a file and directory traversal bugs is to throw random filenames at the application to see how it behaves. Try some of the following:

• AUX

• CON

• LPT1

• PRN.TXT

• ..\..\AUX

• /dev/null

• /dev/random

• /dev/urandom

• ../../dev/random

• \\ servername \c$

• \\servername\ipc$

See if the application hangs or crashes; if it does, you may have hit code that anticipated real, honest-to-goodness files! Also, see if you can access files you shouldnt be able to access, such as /etc/passwd on a Unix box.

As with a number of other sins in this book, the best way to find the issues is through a good security code review.